Menu
▾
▴
Re: [PacketFence-users] AD Users and computer bypass Auth
|
From: Durand f. <fd...@in...> - 2015-07-14 11:30:34
|
Hi Rick, have a look at https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Administration_Guide.asciidoc#vlan-filter-definition and at the file vlan_filters.conf ( connection_type). Regards Fabrice Le 2015-07-13 23:00, Rick Chan 詹益龍 (中光電) a écrit : > > HI, > > I followed Administration Guide V5.0 P.23 to setting my lab. > > But when I use Domain computer connet to switch and open browser, it > still redirect to captive portal require auth. > > Can somebody helpme how to bypass it ? > > pf.conf > > [interface eth0.1] > > enforcement=vlan > > ip=192.168.11.1 > > type=internal > > mask=255.255.255.0 > > [interface eth0.2] > > enforcement=vlan > > ip=192.168.12.1 > > type=internal > > mask=255.255.255.0 > > [interface eth0] > > ip=10.2.27.17 > > type=management > > mask=255.255.252.0 > > Networks.conf > > [192.168.11.0] > > dns=192.168.11.1 > > dhcp_start=192.168.11.10 > > gateway=192.168.11.1 > > domain-name=vlan-registration.coretronic.com > > nat_enabled=disabled > > named=enabled > > dhcp_max_lease_time=600 > > fake_mac_enabled=disabled > > dhcpd=enabled > > dhcp_end=192.168.11.246 > > type=vlan-registration > > netmask=255.255.255.0 > > dhcp_default_lease_time=300 > > [192.168.12.0] > > dns=192.168.12.1 > > dhcp_start=192.168.12.10 > > gateway=192.168.12.1 > > domain-name=vlan-isolation.coretronic.com > > nat_enabled=disabled > > named=enabled > > dhcp_max_lease_time=600 > > fake_mac_enabled=disabled > > dhcpd=enabled > > dhcp_end=192.168.12.246 > > type=vlan-isolation > > netmask=255.255.255.0 > > dhcp_default_lease_time=300 > > switches.conf > > [default] > > description=Switches Default Values > > vlans=1,2,3,4,5 > > normalVlan=1 > > registrationVlan=2 > > isolationVlan=3 > > macDetectionVlan=4 > > voiceVlan=5 > > inlineVlan=6 > > inlineTrigger= > > normalRole=normal > > registrationRole=registration > > isolationRole=isolation > > macDetectionRole=macDetection > > voiceRole=voice > > inlineRole=inline > > VoIPEnabled=N > > VlanMap=Y > > RoleMap=Y > > mode=production > > macSearchesMaxNb=30 > > macSearchesSleepInterval=2 > > uplink=dynamic > > # > > # Command Line Interface > > # > > # cliTransport could be: Telnet, SSH or Serial > > cliTransport=Telnet > > # > > # SNMP section > > # > > # PacketFence -> Switch > > SNMPVersion=3 > > SNMPCommunityRead=public > > SNMPCommunityWrite=private > > #SNMPEngineID = 0000000000000 > > SNMPUserNameRead=readUser > > SNMPAuthProtocolRead=MD5 > > SNMPAuthPasswordRead=authpwdread > > SNMPPrivProtocolRead=AES > > SNMPPrivPasswordRead=privpwdread > > SNMPUserNameWrite=writeUser > > SNMPAuthProtocolWrite=MD5 > > SNMPAuthPasswordWrite=authpwdwrite > > SNMPPrivProtocolWrite=AES > > SNMPPrivPasswordWrite=privpwdwrite > > # Switch -> PacketFence > > SNMPVersionTrap=3 > > SNMPUserNameTrap=readUser > > SNMPAuthProtocolTrap=MD5 > > SNMPAuthPasswordTrap=authpwdread > > SNMPPrivProtocolTrap=AES > > SNMPPrivPasswordTrap=privpwdread > > SNMPCommunityTrap=public > > AccessListMap=N > > type=Cisco::Catalyst_2960 > > [192.168.0.1] > > description=Test Switch > > type=Cisco::Catalyst_2900XL > > mode=production > > uplink=23,24 > > #SNMPVersion = 3 > > #SNMPEngineID = 0000000000000 > > #SNMPUserNameRead = readUser > > #SNMPAuthProtocolRead = MD5 > > #SNMPAuthPasswordRead = authpwdread > > #SNMPPrivProtocolRead = DES > > #SNMPPrivPasswordRead = privpwdread > > #SNMPUserNameWrite = writeUser > > #SNMPAuthProtocolWrite = MD5 > > #SNMPAuthPasswordWrite = authpwdwrite > > #SNMPPrivProtocolWrite = DES > > #SNMPPrivPasswordWrite = privpwdwrite > > #SNMPVersionTrap = 3 > > #SNMPUserNameTrap = readUser > > #SNMPAuthProtocolTrap = MD5 > > #SNMPAuthPasswordTrap = authpwdread > > #SNMPPrivProtocolTrap = DES > > #SNMPPrivPasswordTrap = privpwdread > > ------------------------------------------------------------------------ > This e-mail transmission and its attachment are intended only for the > use of the individual or entity to which it is addressed, and may > contain information that is privileged, confidential and exempted from > disclosure under applicable law. If the reader is not the intended > recipient, you are hereby notified that any disclosure, dissemination, > distribution or copying of this communication, in part or entirety, is > strictly prohibited. If you are not the intended recipient for this > confidential e-mail, delete it immediately without keeping or > distributing any copy and notify the sender immediately. The hard > copies should also be destroyed. Thank you for your cooperation. It is > advisable that any unauthorized use of confidential information of > this Company is strictly prohibited; and any information in this email > that does not relate to the official business of this Company shall be > deemed as neither given nor endorsed by this Company. > > > ------------------------------------------------------------------------------ > Don't Limit Your Business. Reach for the Cloud. > GigeNET's Cloud Solutions provide you with the tools and support that > you need to offload your IT needs and focus on growing your business. > Configured For All Businesses. Start Your Cloud Today. > https://www.gigenetcloud.com/ > > > _______________________________________________ > PacketFence-users mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-users |
